GDPR Compliance
What is GDPR?
GDPR – General Data Protection Regulation was implemented in May 2018.
It ensures the protection of individuals with regard to the processing of personal data and the free movement of such data. This regulation is applicable to those who have global businesses and utilizes data and information.
What is personal data?
It comprises of:
Who needs GDPR?
This means that a large number of individuals, corporations, public authorities, and others are significantly affected by GDPR and need to be aware of its complexities and requirements. The rise to data protection emerged to protect individuals from the misuse of data.
The regulation applies to anyone who collects data.
Processes or analyses data and anyone who records data.
For example, an admission process within an educational institution develops the data acquisition model and then use them for data processing purposes.
Users have the right to request for their data and knowledge about the purposes of the data processing or the activities that the companies perform with their data. Which must be available to the person in a portable commonly used machine-readable format.
Also, companies will have to let their users know what their data will be used for with third-party providers, that will have access to the data or store the data.
Any user can request for their data to be forgotten or right to erasure if requested. This happens when personal data is no longer needed for the original purpose.
GDPR Compliance.
Do data protection by design and by default.
Organizations must ensure that they have a GDPR compliance checklist.
- Data Security: take data into account at all times.
- Accountability and governance: sign a data protection agreement between the organization and any third parties that process personal data on your behalf. (this can be seen in the terms of use policy).
- Appoint a data protection officer where necessary.
- Privacy rights: individuals have the right to see the information you have about them and update their information where necessary.
By Jennifer.A. Gbajumo
Head of ICT
Lagos, Nigeria